MCP.so
Sign In
V

Vigil - AI Security Audit and Cryptographic Proof

@vigil-xy

About Vigil - AI Security Audit and Cryptographic Proof

Security scanner for developers and startups.

Basic information

Category

Developer Tools

Transports

stdio

Publisher

vigil-xy

Submitted by

desada

Config

Add this server to your MCP-compatible client using the configuration below.

{
  "mcpServers": {
    "vigil-mcp": {
      "command": "npx",
      "args": [
        "vygil",
        "scan"
      ]
    }
  }
}

Tools

No tools detected

We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.

Overview

What is Vigil - AI Security Audit and Cryptographic Proof?

Vigil is a production-ready security scanner that performs deep security audits of systems—covering networks, processes, filesystems, dependencies, configurations, and containers—and generates cryptographically signed, tamper-evident reports using Ed25519 signatures with SHA-256 hashing. It integrates seamlessly with AI assistants like Claude Desktop and Cursor through the Model Context Protocol (MCP), making it ideal for developers and security teams.

How to use Vigil - AI Security Audit and Cryptographic Proof?

Install globally via npm (npm install -g vygil) or run directly with npx (npx vygil scan). Use the CLI: vygil scan (basic scan), vygil scan --json -o report.json (JSON output saved to file), vygil verify report.json (verify cryptographic signature), and vygil keys --generate (generate key pair). To expose scanning tools to AI assistants, start the MCP server with vygil-mcp and configure the assistant’s MCP settings (e.g., add to Claude Desktop’s claude_desktop_config.json).

Key features of Vigil - AI Security Audit and Cryptographic Proof

  • Comprehensive security scanning across six domains
  • Cryptographically signed reports with Ed25519 and SHA-256
  • MCP server integration for AI assistants (Claude, Cursor)
  • CLI interface with scan, verify, and key management commands
  • Tamper-evident reports for compliance and auditing
  • Modular scanner design with parallel execution

Use cases of Vigil - AI Security Audit and Cryptographic Proof

  • Identify security vulnerabilities in local development environments
  • Detect exposed secrets, weak file permissions, and dangerous configurations
  • Audit dependencies for known vulnerabilities using npm audit
  • Monitor container and network security for privileged containers and open ports
  • Generate tamper-evident security reports for compliance and auditing

FAQ from Vigil - AI Security Audit and Cryptographic Proof

How do I install Vigil?

Install globally via npm: npm install -g vygil, or use directly with npx: npx vygil scan (no installation required). You can also clone the repository and build from source.

How do I run a security scan?

Use the CLI command vygil scan for a basic scan with cryptographic signing. Add --json for JSON output, -o report.json to save to file, or --no-sign to skip signing. Combine options, e.g., vygil scan --json -o report.json.

How do I verify that a report hasn’t been tampered with?

Run vygil verify report.json to verify the cryptographic signature (Ed25519). The verification confirms the report’s authenticity and integrity.

How do I integrate Vigil with Claude Desktop or Cursor?

After starting the MCP server (vygil-mcp), add it to your AI assistant’s MCP configuration file. For Claude Desktop on macOS, add to ~/Library/Application Support/Claude/claude_desktop_config.json. For Cursor, add to .cursor/mcp_config.json in your project.

Where are cryptographic keys stored?

Keys are stored in the ~/.vigil/keys/ directory. Generate a new Ed25519 key pair with vygil keys --generate, and show your public key with vygil keys --show-public.

Comments

More Developer Tools MCP servers